<?php

class DefaultController extends Controller
{
	public function filters()
	{
		return array(
			'accessControl',
		);
	}

	/**
	 * Specifies the access control rules.
	 * This method is used by the 'accessControl' filter.
	 * @return array access control rules
	 */
	public function accessRules()
	{
		return array(
			array('allow',  
				'actions'=>array('update'),
				'users'=>array('@'),
			),
			// Позволяет всем пользователям, которые принадлежат ролям admin, manager и developer
			// зайти на страницу create и update
			array('allow',
				'actions'=>array('index', 'create', 'delete'),
				'roles'=>array('admin'),
			),
			// Запретить все всем остальным пользователям
			array('deny',
				'users'=>array('*'),
			),
		);
	}
	
	public function init()
	{
		if(Yii::app()->user->checkAccess("admin"))
		{
			$this->menu = array(
				array(
					'url'=>array('/user/default/create'),
					'label'=>'Создать',
				),
				array(
					'url'=>array('/user/default/index'),
					'label'=>'Список пользователей',
				),
				array(
					'url'=>array('/user/rights/'),
					'label'=>'Роли',
				),
			);
		}
		
		parent::init();
	}
	
	/**
	 * Displays a particular model.
	 * @param integer $id the ID of the model to be displayed
	 */
	public function actionProfile($id = false)
	{
		if($id === false)
		{
			$id = Yii::app()->user->Id;
		}
		$model = $this->loadModel($id);

		$this->render('profile',array(
			'model'=>$model
		));
	}
	
	public function actionCreate()
	{
		$model = new User('insert');

		if(isset($_POST['User']))
		{
			$model->attributes=$_POST['User'];
			if($model->validate())
			{
				$model->save();
				$url = $this->createUrl('/user/default/index', array('status'=>'success'));
				$this->redirect($url);
			}
		}
		
		$auth = Yii::app()->authManager;
		foreach($auth->getRoles() as $name => $role)
		{
			$rolesData[$name] = $role->getDescription();
		}
		
		$this->render('create',array(
			'model'=>$model,
			'rolesData'=>$rolesData,
			'role' => 'user'
		));
	}

	/**
	 * Updates a particular model.
	 * 
	 * @param integer $id the ID of the model to be updated
	 */
	public function actionUpdate($id)
	{
		if(Yii::app()->user->getId() == $id)
		{
			$model = $this->loadModel($id);
			$model->setScenario('update');

			if(isset($_POST['User']))
			{
				$model->attributes=$_POST['User'];
				if($model->validate())
				{
					if($model->save())
					{
						if(Yii::app()->user->checkAccess("admin"))
							$this->redirect(array('/user/default/index', 'status'=>'success'));
						else
							$this->refresh();
					}
				}
			}

			$model->passwordConfirm = $model->password;
			$this->render('update',array(
				'model'=>$model,
			));
		}
		else
		{
			throw new CHttpException(404,'The requested page does not exist.');
		}
	}

	/**
	 * Deletes a particular model.
	 * If deletion is successful, the browser will be redirected to the 'admin' page.
	 * @param integer $id the ID of the model to be deleted
	 */
	public function actionDelete($id)
	{
		$this->loadModel($id)->delete();

		$this->redirect(array('/user'));
	}

	/**
	 * Lists all users.
	 */
	public function actionIndex()
	{
		$model=User::model()->findAll();
		$this->render('index',array(
			'model'=>$model,
		));
	}

	/**
	 * Returns the data model based on the primary key given in the GET variable.
	 * If the data model is not found, an HTTP exception will be raised.
	 * @param integer $id the ID of the model to be loaded
	 * @return User the loaded model
	 * @throws CHttpException
	 */
	protected function loadModel($id)
	{
		$model=User::model()->findByPk($id);
		if($model===null)
			throw new CHttpException(404,'The requested page does not exist.');
		return $model;
	}
}